Slashdot Mirror
New Software To Balance Privacy and Security?
An anonymous reader writes "Claiming to provide both security and privacy, researchers at UCLA say they have developed a system to monitor suspicious online communication that discards communications from law-abiding citizens before they ever reach the intelligence community." From the article: "The truly revolutionary facet of the technology is that it is a new and powerful example of a piece of code that has been mathematically proven to be impossible to reverse-engineer. In other words, it can't be analyzed to figure out its components, construction and inner workings, or reveal what information it's collecting and what information it's discarding -- it won't give up its secrets. It can't be manipulated or turned against the user."
I'd like to see the demonstration. Until such time, I call bollocks and I refuse to believe an "impossible to reverse-engineer" piece of code ever exists.
I second your bullshit and raise! The problem with proofs such as this is that they assume broad axioms that in reality might not be true in the hardware. For example, they may well have proved the theorem if they assume all operations of a certain set take the same length but in reality they might not. The processor might take a ten billionth of a second longer to do one operation than it does another, or it might release more heat when it does one operation than it does when it performs another, or it might release a certain magnetic field when it does one operation and not another.
Side-channel attacks, as these are called, are often totally devastating. There was one attack where simply heating the computer up can cause a system to get owned. If the proof is correct, it's certainly interesting but practically we're a long way from getting to this gold standard.
Simon
My only option is to recall Nazism, so please don't apply Godwin's Law to this =)
Prior to the occupation of Europe, Dehomag (IBM's European Subsidiary) tabulated the census data of unoccupied European Countries at their behest. This seemingly innocent data was then co-opted by the Nazi state, with the help of IBM. IBM had recently introduced Hollerith machines and the Nazis were IBM's best punch card customer. In 1937 Thomas J. Watson was decorated by Hjalmar Schacht, the Nazi Economics Minister with the Merit Cross of the German Eagle, whilst draped in Swastikas at a party thrown by Goebbels, at a cost of 4 million Reichsmarks, in front of 3000 people on Peacock Island, Berlin.
Census seems like the most innocent seeming question of all : who are you ?
What do you do, exactly ?
Is not a question I feel like anyone has the right to just know. Humans lie all the time "I can't, I'm busy" or "Sorry I'm late" or everyone's favourite "nothing, it's nothing", it is part of getting by.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
If it can be run, it can be read. If it can be read, it can be decompiled. If it can be decompiled, it can be understood.
The core claim in the article is that an attacker with access to the code has no possibility of knowing if a given input will be flagged or not. I can see how someone with access only to the data storage could be prevented from knowing if the gigabyte of noise it stores just changed randomly or if his message was stored there in public key encrypted form. I can _not_ see how the applying of selection criteria can be hidden from someone with access to the code. The code _must_ make the decision on whether to save something or not.
...it is a new and powerful example of a piece of code that has been mathematically proven to be impossible to reverse-engineer...
Brrrrrr.. spooky! This sounds like an incredible misinterpretation of whatever the original paper/research is actually doing though. Devices may be reverse engineered without even looking inside if you have access to its inputs and outputs and can continually test and hypothesize and retest, etc. A device that distinguishes between 'evil' and 'regular' packets (as input) and outputs a bit that indicates 1='evil' or 0='not evil' (or a floating point degree of evil, say..) is no different. If you have access to the code that runs this particular device running on a router or somewhere packets drift by then obviously the situation can be no worse. I'd definitely like to see the link to this mathematical proof..
The problem with proofs such as this is that they assume broad axioms that in reality might not be true in the hardware.
Nah, side-channels have nothing to do with it. Even though the article doesn't mention it, the authors are doing rigorous program obfuscation. In the security model for this problem, the adversary gets access to the code and can do whatever he wants to it: run it (on whatever architecture he pleases) on different inputs, insert or delete instructions, slow it down, speed it up, whatever. The definitions are totally hardware-independent. With all this power, the adversary still cannot learn anything about what the program does, other than what he could learn by having "black-box" access to whatever function the program computes (i.e., we allow him to pick inputs and see the correct outputs).
The only catch is the proofs of security usually make some non-standard assumptions about number-theory problems (think RSA, but much weirder). These assumptions are independent of computer architecture, and only relate to whether certain abstract mathematical problems are easy or hard to solve.
Many commenters are claiming "it is always possible to reverse-engineer a program!," using such reasons as "you can always watch the processor perform the instructions and eventually figure it out."
Let me tell you, as a cryptographer, that these claims are false. The recent field of program obfuscation gives surprisingly strong ways to prevent reverse-engineering, in a very rigorous and strong way.
Not every program can be obfuscated (this has been proven). However, programs that fit a certain template (like: "check if the input string matches the user's password") can be obfuscated. What this means is that you can give the program's entire code to the adversary -- he can run it on his own computer (no DRM required) on whatever inputs he likes, alter it, stretch it, twist it, whatever. After all this he still will not be able to guess the password, any more than if he had some mathematically-perfect black-box that truthfully answered the question: "is [X] the password?" (Actually the definition is even stronger than this, but that's the gist of it.)
Yes, this seems extremely hard to do -- after all, the adversary has complete and total power over the code that is running. Yet it can be done, rigorously and provably, if you're willing to believe that there are some number-theory problems out there (like RSA) that are hard to solve.
For the work described in the article, it sounds like the "black-box" does something like the following: if your input string contains some "watch words," then the output is the same as the input, but encrypted under the government's key. If your input string is "benign," then the output is just "THIS WAS A BENIGN INPUT", encrypted in the government's key -- i.e., it ignores any benign input and replaces it with a placeholder. By running the obfuscated program and looking at the output, you can't tell if the input was flagged or not. Even while watching the program run, you can't tell if the program is flagging the input or not (or learn anything about the government's key). When the government collects the output and decrypts it, it only sees the flagged inputs, as the rest have been ignored.
As I've said, none of this depends on the program requiring any DRM or TPM or any other specialized hardware. It only relies on the mathematics.